![]() Generate a base 64 encoded SHA256 with a character set of "./A-Za-z0-9" (which is a common character set for base 64 with dot and slash). Which is the first/second thing I tried with the bad hash. Then I translated what I could from the hash then face palmed because the character set wasn't random it was simply the other common character set with dot and slash "./0-9A-Za-z". The nice thing about "password:LcV6aBcc/53FoCJjXQMd7rBUDEpeevrK8V5jQVoJEhU" is it has 14 duplicate characters which gives you a 1 in 2 ^ 84 collision probability.Īt least it wasn't the hash of "755961" which only has 1 duplicate character but it could have been the hash of "910698" which has 23.Īnyway I got a hit on that which was just base 64 encoded SHA256. I had all this code written to test padding, iterated, duplication, truncation, and different base64 character set, but I was testing a bad hash. The hardest part was getting a valid hash. ![]() Well it turns out that it is just base 64 encoded SHA256 with character set "./0-9A-Za-z". It is easy to tell (with access to the Cisco device) that it is not salted. It is obviously in base 64 and 43 characters long. \/ Convert from Cisco Type 4 \/ /\ Convert to Cisco Type 4 /\ LcV6aBcc/53FoCJjXQMd7rBUDEpeevrK8V5jQVoJEhU Convert a Cisco Type 4 Hash to Hex SHA256 Hash Cisco Type 4:Īsdf:LcV6aBcc/53FoCJjXQMd7rBUDEpeevrK8V5jQVoJEhU
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |